package org.thingsboard.server.common.transport.util;

import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Base64Utils;
import org.thingsboard.server.common.msg.EncryptionUtil;

/* loaded from: input_file:org/thingsboard/server/common/transport/util/SslUtil.class */
public class SslUtil {
    private static final Logger log = LoggerFactory.getLogger(SslUtil.class);

    private SslUtil() {
    }

    public static String getCertificateString(Certificate certificate) throws CertificateEncodingException {
        return EncryptionUtil.certTrimNewLines(Base64Utils.encodeToString(certificate.getEncoded()));
    }

    public static String getCertificateChainString(Certificate[] certificateArr) throws CertificateEncodingException {
        StringBuilder sb = new StringBuilder();
        for (Certificate certificate : certificateArr) {
            sb.append("-----BEGIN CERTIFICATE-----").append(EncryptionUtil.certTrimNewLines(Base64Utils.encodeToString(certificate.getEncoded()))).append("-----END CERTIFICATE-----").append("\n");
        }
        return sb.toString();
    }

    public static X509Certificate readCertFile(String str) {
        X509Certificate x509Certificate = null;
        if (str != null) {
            try {
                if (!str.trim().isEmpty()) {
                    byte[] decodeBase64 = Base64.decodeBase64(str.replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "").replaceAll("\\s", ""));
                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decodeBase64);
                    try {
                        x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                        byteArrayInputStream.close();
                    } finally {
                    }
                }
            } catch (Exception e) {
            }
        }
        return x509Certificate;
    }

    public static String parseCommonName(X509Certificate x509Certificate) {
        try {
            return IETFUtils.valueToString(new JcaX509CertificateHolder(x509Certificate).getSubject().getRDNs(BCStyle.CN)[0].getFirst().getValue());
        } catch (CertificateEncodingException e) {
            log.warn("Cannot parse CN from device certificate");
            throw new RuntimeException(e);
        }
    }
}
